Configuring nac layer 2 ieee 802.1x validation, Configuring 802.1x switch supplicant with neat, Configuring nac layer 2 ieee 802.1x – Dell POWEREDGE M1000E User Manual

Page 317: And the

Advertising
background image

10-55

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring IEEE 802.1x Authentication

Configuring NAC Layer 2 IEEE 802.1x Validation

You can configure NAC Layer 2 IEEE 802.1x validation, which is also referred to as IEEE 802.1x
authentication with a RADIUS server.

Beginning in privileged EXEC mode, follow these steps to configure NAC Layer 2 IEEE 802.1x
validation. The procedure is optional.

This example shows how to configure NAC Layer 2 IEEE 802.1x validation:

Switch# configure terminal

Switch(config)# interface gigabitethernet2/0/1

Switch(config-if)# dot1x reauthentication

Switch(config-if)# dot1x timeout reauth-period server

Configuring 802.1x Switch Supplicant with NEAT

Configuring this feature requires that one switch (outside a wiring closet) is configured as supplicant and
is connected to an authenticator switch.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Specify the port to be configured, and enter interface configuration mode.

Step 3

dot1x guest-vlan vlan-id

Specify an active VLAN as an IEEE 802.1x guest VLAN. The range is 1
to 4094.

You can configure any active VLAN except an internal VLAN (routed
port), an RSPAN VLAN, or a voice VLAN as an IEEE 802.1x guest
VLAN.

Step 4

authentication periodic

or

dot1x reauthentication

Enable periodic re-authentication of the client, which is disabled by
default.

Step 5

dot1x timeout reauth-period {seconds |
server}

Set the number of seconds between re-authentication attempts.

The keywords have these meanings:

seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.

server—Sets the number of seconds based on the value of the
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).

This command affects the behavior of the switch only if periodic
re-authentication is enabled.

Step 6

end

Return to privileged EXEC mode.

Step 7

show authentication interface-id

or

show dot1x interface interface-id

Verify your IEEE 802.1x authentication configuration.

Step 8

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Advertising
Popular Brands
Popular manuals